Years of professional experience
SAHIL SHARMA
Security Engineer
New Delhi
Summary
An experienced and skilled Security Engineer with a proven track record of designing, implementing, and managing robust security solutions. Proficient in conducting Security assessments such as VAPT, Cloud Security, Threat Detection and Malware Analysis. Seeking a challenging position in a dynamic organization where I can utilize my expertise to enhance security posture and protect critical assets.
Overview
2
2
3
3
Certification
Work History
Security Engineer
Zscaler
09.2023 - Current
- Enhanced cloud service security by deploying a CASB solution that intercepted and mitigated over 95% of potential threats, resulting in 50% reduction in data breaches
- Developing and providing risk score for enterprise SaaS apps using Automation tools of 70+ security attributes and conducting Web application security test (OWASP 10)
- Utilized industry-leading tools such as Burp Suite, Tenable Nessus, and Metasploit to conduct comprehensive vulnerability assessments and penetration tests, providing actionable recommendations for mitigation and risk reduction
- Prepared detailed reports and documentation of security findings, vulnerabilities, and remediation strategies, effectively communicating technical information to both technical and non-technical stakeholders
- Perform Static and Dynamic analysis of PE binaries using industry-leading tools such as PEView, PEStudio, Ollydbg etc
- Identifying NRD (newly registered domains), NOD (newly observed domains), NAD (newly added domains) as perimeter security at the very first node of hitting the organization cloud
- Secure Non Corporate SaaS Tenants by providing inline visibility and granular controls for thousands of cloud apps distinguish between sanctioned SaaS tenants and unsanctioned instances
- Actively participated in knowledge-sharing initiatives, organizing and conducting learning sessions as part of a training drive, fostering a culture of continuous improvement.
Associate Security Engineer
Zscaler
07.2022 - 08.2023
- Developed and implemented automation scripts to analyze SSL information, ciphers, and encryption algorithms, identified and resolved vulnerabilities, including Logjam and Heartbleed, bolstering security measures
- Implementing Email Security controls around thousands of SaaS applications by validating SPF, DKIM and DMARC
- Analyze Potential Malicious Domains and IPs by utilizing Threat Hunting open source tools such as Virustotal, URLscan.io for checking reputation of malicious domains and sandboxes for manually validating
AWS Cloud Security intern
Fleet Hawks Inc
05.2021 - 06.2022
- Configured and Deployed AWS WAF with web ACLs over application running in EC2 instance behind ALB
- Authorized Users, Groups and IAM roles & policies for particular tasks and mitigate DDOS using AWS Shield
- Setup WAF flow by creating a rule policy, filter incoming requests and monitor anomalies Cloudwatch metrics
- Setup AWS inbound and outbound NACLS & security groups and filtered inbounds
- Analyzing AWS CloudTrail logs, VPC security events and creating AWS CloudWatch alerts
- Installed, configured and maintained CI/CD DevOps automation tools like Grafana, Jenkins.
Education
BTECH - CSE
GNA University
08.2018 - 05.2022
Skills
- Cybersecurity: Penetration Testing, Vulnerability Assessment, Network Analysis, Threat Intelligence, AWS, SIEM
- Malware Analysis: PE , Static Analysis and Dynamic (Behavioral) Analysis of binaries
- Phishing Analysis: Analysis using Threat intel feeds (Openphish & Phishtank)
- Scripting Languages: Bash, Python
- Tools and Frameworks: x32dbg, x64dbg, OllyDbg, Metasploit, BurpSuite, Wireshark, Nessus, Nmap, OWASP ZAP, PEStudio, Sqlmap, Fiddler
- Version Control: Git, Bitbucket
- Project Management Tools: Jira, Zoho Projects
- Platforms: Kali Linux, Remnux, FlareVM, Windows
- Source Code Review : SAST & DAST (In learning phase)
Certification
- AWS Certified Cloud Practitioner
- CompTIA Security+
- Aviatrix Certified Engineer
Blog
https://shas3c.medium.com/
Timeline
Security Engineer
Zscaler
09.2023 - Current
Associate Security Engineer
Zscaler
07.2022 - 08.2023
AWS Cloud Security intern
Fleet Hawks Inc
05.2021 - 06.2022
BTECH - CSE
GNA University
08.2018 - 05.2022
Similar Profiles
NAKUL. ANIL. SONARENAKUL. ANIL. SONARE
Product Support III at ZscalerProduct Support III at Zscaler
Manikandan RManikandan R
Sr. Staff Software Engineer at ZscalerSr. Staff Software Engineer at Zscaler
Lakhan ParasharLakhan Parashar
Threat Researcher at ZscalerThreat Researcher at Zscaler
Chaitra GolasangiChaitra Golasangi
Senior Staff Software Development Engineer at ZscalerSenior Staff Software Development Engineer at Zscaler
Manav SaxenaManav Saxena
Technical Lead at Digicommerce Solution LLPTechnical Lead at Digicommerce Solution LLP